How to Avoid Being Hacked: Strengthen Your Passwords—'12345' Isn't Good Enough
Weak passwords are a huge problem when it comes to keeping your data secure. If you type "password cyberattack" into Google News, you'll see just how often cybercriminals manage to steal important data from companies and individuals. For instance, in 2023, security firm NordPass reported that "123456" was the most common password in Nigeria and the second most common password worldwide.
Why Is Password Security So Important?
The increase in cyberattacks leading to system breaches and data leaks has made it clear that protecting access is crucial. Traditional passwords and usernames are very vulnerable because too many people use weak, simple, and recycled passwords.
A report from Sophos, a cybersecurity firm, found that the number of cyberattacks on businesses in South Africa, Kenya, and Zambia increased by 76% in 2023. Each year, various sources publish lists of the most used passwords. NordPass research often highlights predictable choices like "123456," "admin," "12345678," and "password." These passwords can be cracked in less than a minute by skilled hackers or even by amateurs using AI tools.
What Can Companies Do Differently?
Companies need to develop and enforce a robust password policy to meet their cybersecurity objectives. This might include:
- Regular awareness campaigns to promote safe password practices.
- Following best practice security standards for user accounts and password control.
- Incorporating password-strength meters to help users create more secure passwords.
- Adopting multi-factor authentication (MFA), which requires two or more pieces of evidence to authenticate a user (like a password plus facial recognition).
- Making sure password files are encrypted.
- Conducting regular audits to ensure compliance with password policies and standards.
What About Individuals?
Individuals can also enhance their online safety by staying vigilant and informed about the latest threats. Tips for safer password use include:
- Know and follow organizational policies and standards for safe password use.
- Participate in awareness and training sessions.
- Report any suspicious security incidents to your ICT help desk or follow your organization's incident management process.
- Keep your login credentials safe and secure.
- Log out after every session, especially on shared computers.
- Use strong passwords that are not easily guessed. Avoid sequential characters or repetitive phrases.
- Check if your chosen password is part of a list of breached passwords.
- Change your password whenever you suspect it has been compromised.
- Use encrypted password manager tools to store passwords securely.
Biggest Password No-Nos
To stay safe, don't use basic or easily guessable passwords like common dictionary words. Your password should be at least 12 characters long and mix lowercase and uppercase letters, numbers, and special characters.
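As an added example (not part of the original article), here is a small Python check of the kind a password-strength meter performs, applying the rules stated above: the 12-character minimum, the four character classes, no sequential or repeated runs, and a lookup against a list of known passwords. The run threshold of three characters and the short stand-in list are assumptions; the sample passwords are constructed.

```python
import string

# Most-used passwords named in the article. Assumption: this short set stands
# in for a full breached-password list that a real deployment would load.
COMMON_PASSWORDS = {"12345", "123456", "12345678", "admin", "password"}
MIN_LENGTH = 12  # minimum length given in the article
MAX_RUN = 3      # assumption: flag runs of 3+ sequential or repeated characters


def has_run(password, step):
    """True if MAX_RUN consecutive characters each differ by `step` code points
    (step 0: 'aaa' or '!!!', step 1: 'abc' or '123', step -1: 'cba' or '321')."""
    run, text = 1, password.lower()
    for prev, cur in zip(text, text[1:]):
        linked = ord(cur) - ord(prev) == step and (
            step == 0 or (prev + cur).isalnum())
        run = run + 1 if linked else 1
        if run >= MAX_RUN:
            return True
    return False


def check_password(password, breached=COMMON_PASSWORDS):
    """Return a list of policy problems; an empty list means the password passes."""
    problems = []
    if password.lower() in breached:
        problems.append("appears in the common/breached password list")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = {
        "lowercase letter": any(c.islower() for c in password),
        "uppercase letter": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(c in string.punctuation for c in password),
    }
    problems += [f"no {name}" for name, ok in classes.items() if not ok]
    if has_run(password, 1) or has_run(password, -1):
        problems.append("contains sequential characters")
    if has_run(password, 0):
        problems.append("contains repeated characters")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for sample in ["123456", "Sunshine!!!2024x", "Tr4vel!Kettle#Moss"]:
        print(sample, "->", check_password(sample) or "OK")
```
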
Additionally, don't reuse passwords across different accounts. Avoid using auto-fill or saving your passwords on websites, especially on shared computers. Never share your passwords unless absolutely necessary and authorized for auditing purposes. Also, never give password details over the phone without proper verification.
Verification steps include:
- Confirming the ticket number the caller references.
- Asking the caller to send an official email.
- Checking the authenticity of the call if an internal phone number is used.
- Requesting identification details from the caller like their name, office location, department, and reporting lines.
By following these tips and guidelines, both companies and individuals can significantly reduce their risk of falling victim to cyberattacks and keep their vital data protected.